#include"head.h"
int tackle_signin(int socket, MYSQL *db,TLV*TLV_RECV){
printf("已进入登陆函数\n");
    int user_id = 0;
    TLV* TLV_T = (TLV*)malloc(sizeof(TLV));
    memset(TLV_T, 0, sizeof(TLV));
    
    MYSQL_RES *result = NULL;
    MYSQL_ROW row;
char token[65]={0};    
    // 1. 解析接收到的TLV数据
    char username[9] = {0};
    char password[9] = {0};
    
    for(int i = 0; i < 8; i++) {
        username[i] = TLV_RECV->value[i];
        password[i] = TLV_RECV->value[i+8];
    }
    username[8] = '\0';
    password[8] = '\0';
    
    printf("登录尝试 - 用户名: %s\npassword=%s\n", username,password);

    char query[256];
    snprintf(query, sizeof(query), 
             "SELECT id, saltNum, ciphertext FROM users "
             "WHERE username = '%s' AND isDelete = 0", 
             username);
    TLV_T->type=0xFF;
//在数据库中筛选用户名相同，但未被删除的命令    
    if (mysql_query(db, query)) {
        fprintf(stderr, "查询失败: %s\n", mysql_error(db));
        user_id = -3;

        goto cleanup;
    }
    
    result = mysql_store_result(db);
    if (result == NULL){ 
        fprintf(stderr, "存储结果失败: %s\n", mysql_error(db));
user_id = -3;

        goto cleanup;
    }
    
    // 3. 检查用户是否存在
    if (mysql_num_rows(result) == 0) {
        printf("用户不存在或已被删除\n");
        TLV_T->type = 0xFF; // 用户不存在
        TLV_T->length = 0;
        user_id = -2;
        goto cleanup;
    }
    
    // 4. 获取用户数据
    row = mysql_fetch_row(result);
    if (row == NULL) {
        fprintf(stderr, "获取行数据失败\n");
        user_id = -2;
        goto cleanup;
    }
    
    user_id = atoi(row[0]);
    
     unsigned char*  salt =(unsigned char*)calloc(salt,128);
  salt =(unsigned char*) row[1];
    const char* stored_ciphertext = row[2];
    
    // 5. 验证密码
    unsigned char computed_digest[SHA256_DIGEST_LENGTH];
    create_encrypt(salt, password, computed_digest);
    if (memcmp(computed_digest, stored_ciphertext,32) != 0) {
        printf("密码错误\n");
        TLV_T->type = 0xFF; // 密码错误
        TLV_T->length = 15;
       snprintf(TLV_T->value, 20,"password error"); 
        user_id = -3;
        goto cleanup;
    }
    
    // 6. 检查用户是否已登录
    snprintf(query, sizeof(query), 
             "SELECT isLoggedIn FROM users WHERE id = %d", 
             user_id);
    
    if (mysql_query(db, query)) {
        fprintf(stderr, "查询登录状态失败: %s\n", mysql_error(db));
       user_id = -3;

        goto cleanup;
    }
    
    mysql_free_result(result);
    result = mysql_store_result(db);
    
    if (result && mysql_num_rows(result) > 0) {
        row = mysql_fetch_row(result);
        if (row && atoi(row[0]) == 1) {
            printf("用户已登录\n");
            TLV_T->type = 0xFF; // 用户已登录
            TLV_T->length = 30;
 snprintf(TLV_T->value, 30,"client has signed in");
            user_id = -4;
            goto cleanup;
        }
    }
    
    // 7. 更新登录状态
    snprintf(query, sizeof(query), 
             "UPDATE users SET isLoggedIn = 1 WHERE id = %d", 
             user_id);
    
    if (mysql_query(db, query)) {
        fprintf(stderr, "更新登录状态失败: %s\n", mysql_error(db));
     user_id = -4;

        goto cleanup;
    }
    
    // 8. 登录成功
    printf("用户 %s 登录成功, ID: %d\n", username, user_id);
    TLV_T->type = 0x30; // 登录成功
    TLV_T->length = 0;
 getToken(user_id,token);                       //
                strncpy(TLV_T->token,token,65);
                strncpy(TLV_T->username,username,9);
                TLV_RECV->id=user_id;
                printf("token=%s,id=%d,username=%s,传输长度为%d\n",TLV_T->token,TLV_T->id,TLV_T->username,TLV_T->length);

    sendTlv(socket, TLV_T);
      if (result != NULL) {
           mysql_free_result(result);
       }

    
cleanup:
    if(TLV_T->type==0xFF)
    sendTlv(socket,TLV_T);
    free(TLV_T);
    printf("结束返回值user_id=%d\n",user_id);
    return user_id;

}
